Cybera operates in a transparent manner while respecting the principles of freedom of information and protection of privacy.
In the course of its membership, project management, and service provision activities, Cybera may collect personal information from individuals who are involved in the projects it develops and supports. This policy outlines the access and privacy principles to which Cybera adheres and describes how Cybera uses and discloses personal information.
Cybera’s access and privacy provisions are based on the principles outlined below, which are drawn from the Canadian Standards Association’s Model Code for the Protection of Personal Information, recognized as a national standard in 1996.
ACCOUNTABILITY: Cybera is responsible for the personal information under its control and has designated the company’s Chief Operating Officer as its Privacy Officer, accountable for Cybera’s compliance with these principles.
IDENTIFYING PURPOSES: The purposes for which personal information is collected shall be identified at or before the time the information is collected.
CONSENT: The knowledge and consent of the individual are required for collection, use, or disclosure of personal information, except when deemed inappropriate.
LIMITING COLLECTION: The collection of personal information by Cybera shall be limited to the information that is necessary for the purposes identified. Information shall be collected by fair and lawful means.
LIMITING USE, DISCLOSURE, AND RETENTION: Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Personal information shall be retained only as long as deemed necessary for fulfillment of those purposes.
ACCURACY: Personal information shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.
SAFEGUARDS: Personal information shall be protected by security safeguards appropriate to the sensitivity of the information.
OPENNESS: Cybera shall make readily available to individuals information about its policies and practices relating to the management of personal information.
INDIVIDUAL ACCESS: Upon request, an individual shall be informed of the existence, use and disclosure of his or her personal information and shall be given access to that information. An individual shall be able to request a correction of factual inaccuracies.
CHALLENGING COMPLIANCE: An individual shall be able to address a challenge concerning compliance with the above principles to the Privacy Officer.
COLLECTION, USE, AND DISCLOSURE OF PERSONAL INFORMATION
Cybera requires members to provide certain personal information. This information may include, but is not limited to, contact details, academic affiliation, and budgetary information. This information is used to support service provision and project funding.
Cybera uses personal information collected in connection with proposals as part of the funding application process. Reviewers of these applications are informed of Cybera’s obligations to protect such information and agree to comply with such obligations.
Cybera routinely publishes and disseminates information about projects that it is leading or supporting. Such information may include information about project leaders and researchers including their name, institution, department affiliations, and field of work or research.
Cybera collects limited personal information through its website and electronic mail related to persons who express interest in receiving Cybera’s news releases and other publications. Personal information collected in these activities is used only for the purpose for which it is collected, and is not used or disclosed for any other purpose without consent.
Cybera retains information obtained in connection with administration and project management indefinitely. Individuals may request disposal of personal information by contacting: email@example.com
KEEPING PERSONAL INFORMATION ACCURATE
Cybera will correct any factual inaccuracies in personal information held by it in response to satisfactory evidence being provided by the individual to whom it relates.
Cybera will use appropriate security measures to protect against loss, theft, or unauthorized access, disclosure, use or modification of personal information collected by it. Such measures involve physical, organizational, and electronic security procedures and systems. Cybera will require that its employees keep personal information confidential and comply with Cybera's personal information security standards. Cybera will take appropriate measures to ensure that, upon disposal and destruction of records, the confidentiality of personal information is maintained.
ACCESS TO PERSONAL INFORMATION
Any individual whose information has been collected and held by Cybera may request access to that information. Upon request to the Privacy Officer, Cybera will advise individuals of the existence, use and disclosure of their personal information on file with Cybera. Cybera will respond to reasonable requests. There will be no cost to access information unless the individual requests copies of records, makes multiple requests, or the request involves significant retrieval costs.
In certain circumstances, Cybera may be unable to provide access to some or all of the personal information that it holds about an individual. Such circumstances may include those in which personal information about the individual cannot reasonably be separated from personal information of others, or cannot be disclosed for reasons related to personal security, solicitor-client privilege, or commercial confidentiality.
Individuals may request access to their information, address any questions or concerns regarding their personal information, or change or withdraw their consent to Cybera’s use of their information, in accordance with this policy, by contacting Cybera’s Privacy Officer at: firstname.lastname@example.org